What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-10-16 09:04:06 | Malware Uses Your PC to Send 30K Sextortion Emails Per Hour (lien direct) | Sextortion emails stating that your computer was hacked and video was created of you on porn sites have become so common that they are treated simply as another spam. That does not mean, though, that they are not profitable as a new report shows attackers are generating revenue by utilizing infected PCs to do their dirty work. [...] | Malware | ||
|
2019-10-16 09:01:55 | New SDBot Remote Access Trojan Used in TA505 Malspam Campaigns (lien direct) | Researchers discovered two new malware strains distributed via phishing campaigns carried out by the TA505 hacking group during the last two months, a new downloader dubbed Get2 and an undocumented remote access Trojan (RAT) named SDBbot. [...] | Malware | ||
|
2019-10-15 10:00:34 | Chinese Hackers Use New Cryptojacking Tactics to Evade Detection (lien direct) | Chinese-speaking cybercrime group Rocke, known for operating multiple large-scale malicious crypto-mining campaigns, has now switched to new Tactics, Techniques, and Procedures (TTPs), including new C2 infrastructure and updated malware to evade detection. [...] | Malware | ||
|
2019-10-14 12:54:44 | Winnti Group Uses New PortReuse Malware Against Asian Manufacturer (lien direct) | Winnti Group hackers have updated their arsenal with a new modular Windows backdoor that they used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. [...] | Malware | ||
|
2019-10-12 10:30:00 | Attackers Create Elaborate Crypto Trading Scheme to Install Malware (lien direct) | Attackers have created an elaborate scheme to distribute a cryptocurrency trading program that installs a backdoor on a victim's Mac or Windows PC. [...] | Malware | ||
|
2019-10-11 17:44:20 | FIN7 Hackers Load New RAT Malware Into ATM Maker\'s Software (lien direct) | The FIN7 hacking group has added new tools to its malicious toolkit, a malware loader that will deliver payloads straight into memory and a module that hooks into the legitimate remote administration software of ATM maker NCR Corporation. [...] | Malware | ||
|
2019-10-11 15:36:34 | Nemty 1.6 Ransomware Released and Pushed via RIG Exploit Kit (lien direct) | The RIG exploit kit is now pushing a cocktail of malware that includes a new variant of the Nemty Ransomware. [...] | Ransomware Malware | ||
|
2019-10-10 16:20:47 | New Malware Spies on Diplomats, High-Profile Government Targets (lien direct) | A new modular and malware designed to target diplomatic and government entities was spotted by ESET researchers while being utilized in attacks aimed at Russian-speaking individuals for at least 7 years. [...] | Malware | ||
|
2019-10-03 20:15:27 | Four U.S. Food Chains Disclose Payment Card Theft via PoS Malware (lien direct) | Hackers caused havoc at four restaurant chains in the U.S. over the summer after compromising their payment systems with malware that stole customers' payment card information. [...] | Malware | ||
|
2019-09-30 18:16:27 | Under-Detected ODT Files Deliver Common Remote Access Trojans (lien direct) | Security researchers noticed multiple cybercriminal operations using OpenDocument Text (ODT) files to distribute malware that is typically blocked by antivirus engines. The campaigns target English and Arabic-speaking users. [...] | Malware | ||
|
2019-09-27 15:27:14 | New Masad Stealer Malware Exfiltrates Crypto Wallets via Telegram (lien direct) | A new and actively distributed malware strain dubbed Masad Stealer steals files, browser information, and cryptocurrency wallet data from infected computers that get sent back to its masters using Telegram as a communication channel. [...] | Malware | ||
|
2019-09-26 18:15:00 | New WhiteShadow Downloader Uses MSSQL Servers for Malware Delivery (lien direct) | A new malware downloader delivered via multiple campaigns uses detection evasion techniques and Microsoft SQL queries to drop malicious payloads onto compromised machines. [...] | Malware | ||
|
2019-09-26 14:45:49 | Microsoft Spots Nodersok Malware Campaign That Zombifies PCs (lien direct) | A new fileless malicious campaign, dubbed Nodersok by Microsoft Defender ATP Research Team researchers who discovered it, drops its own LOLBins to infect Windows computers with a Node.js-based malware that will turn the devices into proxies. [...] | Malware | ||
|
2019-09-24 12:58:50 | Fake Employment Site Created to Target Veterans With Malware (lien direct) | A fake web site pretending to be an organization that offers job opportunities for U.S. veterans is distributing malware that let's the attackers gain full control over a victim's computer. [...] | Malware | ||
|
2019-09-24 11:23:41 | State-Backed Attackers Target US Entities with LookBack Malware (lien direct) | A spear-phishing campaign spanning more than five months has been targeting roughly 17 U.S. utility providers between April 5 and August 29 according to research from Proofpoint's Threat Insight Team. [...] | Malware Threat | ||
|
2019-09-23 17:28:25 | Beware of Google Alert Links Leading to Malware and Scams (lien direct) | Google Alerts is s useful service that allows you to receive emails or an updated RSS feed when new pages appear in the Google search index that are related to specified keywords you are following. Unfortunately, whenever there is a good thing, people try to take advantage of them to push users towards scams and malware [...] | Malware | ||
|
2019-09-18 10:06:47 | Amadey Botnet Targets U.S. Taxpayers with Tax Refund Notice (lien direct) | A phishing campaign has been spotted recently delivering Amadey botnet malware to taxpayers in the U.S. through fake income tax refund emails. [...] | Malware | ||
|
2019-09-18 09:04:53 | Smominru Mining Botnet In Cyber Turf War With Rival Malware (lien direct) | The Smominru mining botnet continues to wreck havoc on corporate machines by not only installing cryptominers, but also stealing credentials, installing backdoors, and making system configuration modifications that could affect the proper operation of an infected machine. [...] | Malware | ||
|
2019-09-14 15:11:58 | Nemty Ransomware Update Lets It Kill Processes and Services (lien direct) | Nemty ransomware is under active development, although its version number may not show it. Its authors are clearly making efforts to make it a more efficient and sophisticated malware and it begins wider distribution. [...] | Ransomware Malware | ||
|
2019-09-14 10:30:12 | InnfiRAT Malware Steals Litecoin And Bitcoin Wallet Information (lien direct) | A remote access Trojan (RAT) dubbed InnfiRAT by the Zscaler ThreatLabZ team which took a closer look at its inner-workings comes with extensive sensitive information collection capabilities, including cryptocurrency wallet data. [...] | Malware | ||
|
2019-09-14 01:51:17 | (Déjà vu) Destructive Ordinypt Malware Hitting Germany in New Spam Campaign (lien direct) | A new spam campaign is underway that pretends to be a job application from "Eva Richter" who is sending her photo and resume. This resume, though, is actually an executable masquerading as a PDF file that destroys a victim's files by installing the Ordinypt Wiper. [...] | Spam Malware | ||
|
2019-09-12 13:54:00 | New WiryJMPer Dropper Hides Netwire RAT Payloads in Plain Sight (lien direct) | A new malware dropper was observed while infecting computers with a Netwire malicious payload hidden between two benign binaries and using obfuscation to fly under the radar of most anti-malware solutions. [...] | Malware | ||
|
2019-09-11 15:44:01 | Ryuk Related Malware Steals Confidential Military, Financial Files (lien direct) | A new malware with strange associations to the Ryuk Ransomware has been discovered to look for and steal confidential financial, military, and law enforcement files. [...] | Ransomware Malware | ||
|
2019-09-11 10:15:03 | Virtual Disk Attachments Can Bypass Gmail and Chrome Security (lien direct) | Virtual disk files are locked containers that shield the items inside from online or local security defenses. The trick can help adversaries deliver malware invisibly to a target's computer. [...] | Malware | ||
|
2019-09-11 08:30:02 | Microsoft to Improve Office 365 Phishing Email Notifications (lien direct) | Microsoft is currently working on enhancing the notification system for quarantined malware or phishing messages for admins in all Microsoft 365 environments, with the new feature to roll out to customers in early October. [...] | Malware | ||
|
2019-09-09 14:00:01 | PsiXBot Modular Malware Gets New Sextortion, Google DoH Upgrades (lien direct) | Security researchers discovered a new variant of the PsiXBot modular malware with a new sextortion module and designed to use Google's DNS over HTTPS (DoH) service to get command and control (C2) domain addresses. [...] | Malware | ||
|
2019-09-06 08:30:00 | GootKit Malware Bypasses Windows Defender by Setting Path Exclusions (lien direct) | As Windows Defender matures and becomes tightly integrated into Windows 10, malware writers are creating techniques to evade its detection. Such is the case with the GootKit banking Trojan, which use a UAC bypass and WMIC commands to exclude the malware executable from being scanned by Windows Defender Antivirus. [...] | Malware | ★★★★★ | |
|
2019-09-06 03:30:03 | Windows and AV Software Ignore Malware in Virtual Disk Files (lien direct) | Windows operating system and antivirus software treat VHD and VHDX disk image downloads like a black box. Scanning the files inside these containers does not happen until the image is mounted and the files run. [...] | Malware | ||
|
2019-09-05 06:30:03 | Ransomware Adopts DoppelPaymer Name Given by Researchers (lien direct) | Whether it be malware devs contacting us about our stories or commenting in our forums, we all know that the ransomware developers monitor researchers and technology sites for information about their programs. Nothing shows this better, than a ransomware that recently decided to adopt the name given to it by researchers. [...] | Ransomware Malware | ||
|
2019-09-04 17:41:03 | Stealthy Android Trojan Spy Signs You Up For Premium Subscriptions (lien direct) | Security researchers discovered a new Android Trojan with malware dropper and spyware capabilities in 24 Google Play Store apps with more than 472,000 downloads in total. [...] | Malware | ||
|
2019-09-04 14:03:03 | Glupteba Malware Uses Bitcoin Blockchain to Update C2 Domains (lien direct) | A new variant of the Glupteba malware dropper is using the Bitcoin blockchain to fetch command and control (C2) server domains from Bitcoin transactions marked with OP_RETURN script opcodes. [...] | Malware | ||
|
2019-09-03 08:00:00 | New Toolkit Pushes Malware via Fake Program Update Alerts in 30 Languages (lien direct) | A new social engineering toolkit called Domen has been discovered that uses fake browser and program update alerts on compromised sites to infect users with malware and remote access software. [...] | Malware | ||
|
2019-09-02 13:05:00 | Back to School? Be Careful of Malware Hiding As Textbooks (lien direct) | Searching for textbooks and essays in electronic form on the Internet exposes students to a wide range of malicious attacks as Kaspersky Lab researchers found after analyzing data gathered over the past academic year. [...] | Malware | ||
|
2019-08-30 13:49:03 | Google Warns iPhone Users of Data-Stealing Malware Attacks (lien direct) | Five privilege escalation exploit chains actively used to compromise iOS devices have been discovered in the wild by Google's Threat Analysis Group (TAG) and Project Zero teams earlier this year. [...] | Malware Threat | ||
|
2019-08-29 09:47:04 | Fake Windows Game Booster Spreads Password Stealing Malware (lien direct) | Attackers have created a fake site that impersonates the legitimate Smart Game Booster site, but instead distributes a Trojan that steals your passwords, cryptocurrency wallets, browser history, and much more. [...] | Malware | ||
|
2019-08-28 12:47:00 | Malware Operation Making Millions Defeated by Design Flaw (lien direct) | The reign of Retadup botnet over more than 850,000 systems has reached an end as its command and control server (C2) was taken down by security researchers from antivirus maker Avast working with the French National Gendarmerie. [...] | Malware | ||
|
2019-08-27 11:00:00 | Trojan Dropper Malware Found in Android App With 100M Downloads (lien direct) | Researchers found a Trojan Dropper malicious module hidden within the Android app CamScanner downloaded over 100 million times by Google Play Store users. [...] | Malware | ||
|
2019-08-23 15:32:01 | IRS Warns Taxpayers of New Scam Campaign Distributing Malware (lien direct) | The Internal Revenue Service (IRS) issued today a warning to alert taxpayers and tax professionals of an active IRS impersonation scam campaign sending spam emails to deliver malicious payloads. [...] | Spam Malware | ||
|
2019-08-19 18:08:01 | Adwind Remote Access Trojan Hits Utilities Sector (lien direct) | Attackers are targeting entities from the utility industry with the Adwind Remote Access Trojan (RAT) malware via a malspam campaign that uses URL redirection to malicious payloads. [...] | Malware | ||
|
2019-08-16 17:37:02 | Steam Security Saga Continues with Vulnerability Fix Bypass (lien direct) | A bypass for a recent Steam vulnerability that could allow malware or a local attacker to gain admin privileges has been disclosed on Twitter. This new method allows an attacker to bypass the fix created by Steam and exploit the vulnerability again. [...] | Malware Vulnerability | ||
|
2019-08-14 09:00:00 | New Norman Cryptominer Uses Dynamic DNS for C2 Communication (lien direct) | A new cryptominer malware that infected almost all the computers on a company's network within a year uses DuckDNS for command and control communications with its masters. [...] | Malware | ||
|
2019-08-12 19:57:05 | Android Security: A Peek Behind the Scenes (lien direct) | Android phones can come with built-in malware and backdoors due to insufficient verification and vetting. Millions of smartphones were infected this way. [...] | Malware | ||
|
2019-08-12 11:29:03 | Cloud Atlas Hackers Add Polymorphic Malware to Their Toolkit (lien direct) | Cyber-espionage group Cloud Atlas has added polymorphic malware to its arsenal to avoid having its operations detected and monitored with the help of previously collected indicators of compromise. [...] | Malware | ||
|
2019-08-04 20:03:05 | GermanWiper Ransomware Erases Data, Still Asks for Ransom (lien direct) | Multiple companies were off to a rough start last week when a phishing campaign pushing a data-wiping malware targeted them and asked for a ransom. Researchers call it GermanWiper. [...] | Ransomware Malware | ||
|
2019-08-02 09:14:01 | Phishing Attacks Target US Utilities with Remote Access Trojan (lien direct) | A spear-phishing campaign observed during late July targeted three U.S. entities from the utility sector with a new malware featuring a remote access Trojan (RAT) module designed to give the attackers admin control over the infected systems. [...] | Malware | ||
|
2019-08-02 08:01:00 | Malware Attack Delays Alabama District\'s School Year Twice (lien direct) | For the second time in a week, Houston County Schools in Alabama had to delay their school year's opening due to a malware attack and the ongoing recovery. It has not been disclosed what type of malware attack they were hit with, but sounds like a ransomware attack based upon the details given. [...] | Ransomware Malware | ||
|
2019-08-01 12:00:00 | New SystemBC Malware Uses Your PC to Hide Malicious Traffic (lien direct) | A new malware strain is being distributed by threat actors via exploit kits like Fallout and RIG to hide malicious network traffic with the help of SOCKS5 proxies set up on compromised computers. [...] | Malware Threat | ||
|
2019-07-26 12:59:03 | Notorious MyDoom Worm Still on AutoPilot After 15 Years (lien direct) | The notorious Mydoom email worm, considered to be one of the most damaging malware strains ever developed, is still doing rounds on the Internet, working on autopilot and actively targeting email users all over the world. [...] | Malware | ||
|
2019-07-24 15:51:03 | BlueKeep Scanner Discovered in Watchbog Cryptomining Malware (lien direct) | A new Watchbog malware variant can scan for Windows computers vulnerable to BlueKeep exploits, with previous variants only being utilized to infect Linux servers compromised using Jira, Exim, Nexus Repository Manager 3, ThinkPHP, and Solr Linux exploits. [...] | Malware | ||
|
2019-07-24 10:43:05 | Ransomware: Most Popular Malware in Underground Forums (lien direct) | Through the analysis of over 3.9 million posts on underground hacker and malware forums, a new report illustrates the most common malware and threats being discussed. [...] | Malware |
To see everything:
Our RSS (filtrered)
